91 matches found
CVE-2021-46164
Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...
CVE-2020-25102
silverstripe-advancedreports aka the Advanced Reports module for SilverStripe 1.0 through 2.0 is vulnerable to Cross-Site Scripting XSS because it is possible to inject and store malicious JavaScript code. The affects admin/advanced-reports/DataObjectReport/EditForm/field/DataObjectReport/item ak...
CVE-2024-5556
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module...
CVE-2024-9459
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module...
CVE-2024-49574
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module...
CVE-2024-49574
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module...
CVE-2024-49574 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module...
CVE-2024-49574 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module...
CVE-2024-49574
Affected software: ManageEngine ADAudit Plus. Versions below build 8123 are vulnerable to a SQL injection flaw in the reports module. Root cause: improper handling of SQL queries in the reports component leading to injection. Impact: high confidentiality and integrity impact; partial availability...
PT-2024-33553 · Zohocorp · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8123 Description: The issue is related to SQL Injection in the reports module. This can potentially lead to data compromise, including access to sensitive information or manipulation and...
CVE-2024-9459
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module...
CVE-2024-9459 SQL Injection
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module...
CVE-2024-9459 SQL Injection
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module...
CVE-2024-9459
CVE-2024-9459 affects Zoho ManageEngine Exchange Reporter Plus up through version 5718 and earlier. The security issue is described as an authenticated SQL Injection in the reports module. The connected sources specifically list the affected software and version range, with remediation guidance r...
PT-2024-39647 · Zoho · Zoho Manageengine Exchange Reporter Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior Description: The issue concerns an authenticated SQL Injection in the reports module. Recommendations: For versions 5718 and prior, update to a version later than 5718 to...
CVE-2024-6204
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module...
CVE-2024-6204
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module...
CVE-2024-6204
Product affected: Zohocorp ManageEngine Exchange Reporter Plus. Vulnerability: SQL Injection in the reports module. Affected versions: before 5715. Root cause / details: SQL injection vulnerability in the reports module (no further technical specifics provided in the cited documents). Impact (as ...
CVE-2024-6204 SQL injection
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module...
PT-2024-37449 · Zohocorp · Zoho Manageengine Exchange Reporter Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 Description: The issue is related to SQL Injection in the reports module of the software. This allows for potential exploitation. No information is provided about the estimated...